Active Directory data ingestor for BloodHound Community Edition written in Rust. 🦀

Crack Everything for CrackMapExec version 6

Active Directory data ingestor for BloodHound Legacy written in Rust. 🦀

Username tools for penetration testing

Kerberos relaying and unconstrained delegation abuse toolkit

PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.

A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell. Feel free to modiy and DM if you find s…

In-depth ldap enumeration utility

Execute commands interactively on remote Windows machines using the WinRM protocol

.Net Assembly loader for the GMSAPasswordReader

Dumping LAPS from Python

Lists who can read any gMSA password blobs and parses them if the current user has access.

Get SYSTEM via SeDebugPrivilege

generate payloads that force authentication against an attacker machine

SharpWSUS is a c# tool for abusing Microsoft Windows Server Update Services for Lateral Movement

Collection of random RedTeam scripts.

OSEP - Offsec Expert Professional

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments…

一款内网综合扫描工具，方便一键自动化、全方位漏扫扫描。

Penelope Shell Handler

purplestorm writeup collection

Windows Privilege Escalation

Collection of one-liners to bypass User Account Control (UAC) in Windows. These techniques exploit certain behavior in Windows applications to elevate privileges.

.NET/PowerShell/VBA Offensive Security Obfuscator

RunasCs - Csharp and open version of windows builtin runas.exe

PowerShell Script to automatically abuse the BadSuccessor vulnerability (CVE-2025-53779)

Extract SAM and SYSTEM using Volume Shadow Copy (VSS) API. With multiple exfiltration options and XOR obfuscation